You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@subversion.apache.org by rh...@apache.org on 2013/05/22 14:20:36 UTC
svn commit: r1485179 - /subversion/branches/1.7.x/STATUS
Author: rhuijben
Date: Wed May 22 12:20:36 2013
New Revision: 1485179
URL: http://svn.apache.org/r1485179
Log:
* STATUS: Upgrade vote; approving after input from stsp.
Modified:
subversion/branches/1.7.x/STATUS
Modified: subversion/branches/1.7.x/STATUS
URL: http://svn.apache.org/viewvc/subversion/branches/1.7.x/STATUS?rev=1485179&r1=1485178&r2=1485179&view=diff
==============================================================================
--- subversion/branches/1.7.x/STATUS (original)
+++ subversion/branches/1.7.x/STATUS Wed May 22 12:20:36 2013
@@ -216,26 +216,6 @@ Candidate changes:
Votes:
+1: breser
- * r1461562, r1461580, r1461701, r1481627
- Fix issue #4340, "filenames containing \n corrupt FSFS repositories"
- Justification:
- Newline characters can severely corrupt FSFS revision files and
- should never enter the repository for this reason. See discussion
- linked from issue #4340 for more information.
- Notes:
- r1461701 revises the changes made in the earlier revisions,
- and is the result of a long dev@ discussion that eventually concluded
- in this subthread: http://svn.haxx.se/dev/archive-2013-04/0056.shtml
- This issue can be exploited by people with commit access to corrupt
- an FSFS repository, and has been assigned a CVE number: CVE-2013-1968
- r1481627 addresses concerns raised by danielsh.
- Branch:
- ^/subversion/branches/1.7.x-issue4340
- Votes:
- +1: stsp, danielsh
- +1: cmpilato (without r1481627)
- +1: rhuijben (r1481627 only, once it is merged to the branch)
-
* r1461760
Additional fix related to issue #4340, "filenames containing \n corrupt
FSFS repositories"
@@ -302,3 +282,23 @@ Veto-blocked changes:
Approved changes:
=================
+
+ * r1461562, r1461580, r1461701, r1481627
+ Fix issue #4340, "filenames containing \n corrupt FSFS repositories"
+ Justification:
+ Newline characters can severely corrupt FSFS revision files and
+ should never enter the repository for this reason. See discussion
+ linked from issue #4340 for more information.
+ Notes:
+ r1461701 revises the changes made in the earlier revisions,
+ and is the result of a long dev@ discussion that eventually concluded
+ in this subthread: http://svn.haxx.se/dev/archive-2013-04/0056.shtml
+ This issue can be exploited by people with commit access to corrupt
+ an FSFS repository, and has been assigned a CVE number: CVE-2013-1968
+ r1481627 addresses concerns raised by danielsh.
+ Branch:
+ ^/subversion/branches/1.7.x-issue4340
+ Votes:
+ +1: stsp, danielsh, rhuijben
+ +1: cmpilato (without r1481627)
+